hxxp://stretchoid[.]com

Analysis

max time kernel
97s
max time network
98s
platform
windows10-2004_x64
resource
win10v2004-20230221-en
resource tags

arch:x64arch:x86image:win10v2004-20230221-enlocale:en-usos:windows10-2004-x64system
submitted
21-03-2023 07:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://stretchoid.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133238601094695666"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4532	chrome.exe
4532	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe
Token: SeShutdownPrivilege	4532	chrome.exe
Token: SeCreatePagefilePrivilege	4532	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe
4532	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4532 wrote to memory of 5092	4532	chrome.exe	88
PID 4532 wrote to memory of 5092	4532	chrome.exe	88
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2624	4532	chrome.exe	89
PID 4532 wrote to memory of 2156	4532	chrome.exe	90
PID 4532 wrote to memory of 2156	4532	chrome.exe	90
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91
PID 4532 wrote to memory of 960	4532	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://stretchoid.com
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc9b9f9758,0x7ffc9b9f9768,0x7ffc9b9f9778
  2⤵
  PID:5092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1776 --field-trial-handle=1800,i,12677520269826151460,15531214277545018375,131072 /prefetch:2
  2⤵
  PID:2624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1800,i,12677520269826151460,15531214277545018375,131072 /prefetch:8
  2⤵
  PID:2156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2188 --field-trial-handle=1800,i,12677520269826151460,15531214277545018375,131072 /prefetch:8
  2⤵
  PID:960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3048 --field-trial-handle=1800,i,12677520269826151460,15531214277545018375,131072 /prefetch:1
  2⤵
  PID:832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3052 --field-trial-handle=1800,i,12677520269826151460,15531214277545018375,131072 /prefetch:1
  2⤵
  PID:368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4512 --field-trial-handle=1800,i,12677520269826151460,15531214277545018375,131072 /prefetch:1
  2⤵
  PID:4056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4968 --field-trial-handle=1800,i,12677520269826151460,15531214277545018375,131072 /prefetch:8
  2⤵
  PID:3064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5060 --field-trial-handle=1800,i,12677520269826151460,15531214277545018375,131072 /prefetch:8
  2⤵
  PID:628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=1800,i,12677520269826151460,15531214277545018375,131072 /prefetch:8
  2⤵
  PID:704

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2560

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
6e6e96792eae1cba39639a975dd79fb9

SHA1
544e280b1fbd937f2ed9764b47ca99d32064456d

SHA256
13d48c4c83de520e1226848376420929a254006dbe6d8751c439a1dd61ec9ccc

SHA512
80a5b90589febfa83ea1435401be307bd164a5a2c70b7117fae49563ff42fab9936bf10c103491c6bf09d351fbb768f9177c73d045ff2b027c1ab2335d4ac424

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
97c4cd1547bdfd81a1f3f2e5c84c6a49

SHA1
3fd78fb9ea06576f54912566cf83cdc2eed832d2

SHA256
5a8d4b87ceb0e1dd31d4344a38ab5352efb55878233e13e2b73f5728cc398429

SHA512
cb875914db6630592001f923f0898543f9a7bc2ae1df53b2c1e3e5faf975a8206955ba04c61fdcbc7a65c0e850d1416f32e47d10f7f7f8d11e7d2aa66cd5fe1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
89dbcbfafb96a95c3d3ac9e20bec5eed

SHA1
fa7ca43cccd9ec06c3a2f364758a2cc55d287150

SHA256
cce13c0663a34c7481dbe9f4a4f5242809060b9c6ba3149c7241e561186438c5

SHA512
17104d1369d99a0ea37e9cd6505715130155f12acf3fef19045cd0b04ffcbc0cb01b7f5368895202fa34918b6eff51baab3a281411107b7c8560d392ae71b06c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d1fd35edfaacda88d0d21b686a591439

SHA1
446dd519becbd16032684d89dfdcde0a81536324

SHA256
c3381b7e472536b3bc85bec2f984bf991867564b7703694087818b0425bbf480

SHA512
f47b1c7e504df72c2258198e8a0f8d30ba2f844675de31d3aa543a27ab5c4b22c1aeb737a6aec3754fd13917a752ad62bfaceced5b68a5c4e170c3c03467c4fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f1adb97b12d737da89ad488318e29d48

SHA1
f2027147702120153cef3c7045c2b43a1c960bbc

SHA256
b2ed915bc213e1ad732fc1c3ff46e73db8b16fee6215d1b24b1686dbfe2c1db9

SHA512
5c9767f44036c45ce96fbed40e9bf17cf64c57736c798bb6641e77d3a872145355368a64398c33bef9ee2bb73690e299c9274621a84fc2d466682fa9116ad926

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a96a402028f73b064cc85d855849c0b6

SHA1
0b7effb2aeed44c584bf233fe68356799d63c053

SHA256
e204212f5500630c11bf61010497672707192ebabd3b753c8beefc86b27efa75

SHA512
2cc550d6d4d835d173b84b56f4690ccc57035f9ed549732795160d8b1bfbec0523dbb7e812e26969e40b423ee247932a6fa3e271eacd77f88be89a349175bc73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
433eabc8fe76d47688ccfcd5bcd1e6b4

SHA1
15b440f62a72bee7212bf38c4673a1b8341dd2d0

SHA256
3ede96089a20670e6159fbd895930a716927059bfcf7f56f7a56d8584c9801ae

SHA512
0cd58d305a787c71a60846c5ec8772bcbe607d47b8bf9e39e074c8acf7b61ed72114e509f37ad2031eed13163a725d5733227b40523da12cfbb3e3384043ac1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
fe74518cca8ec0cd2d46b895b93e82ac

SHA1
53c070fb5b359dabf5e13ded4af344769df7530a

SHA256
3a815d19f2bad3627c40a3aedce267e90270c9e9684c05d918e0693fe5ceda8b

SHA512
6e53b9f84fc48f74cfb2b3873702cd73e3040a872f1dce2f434c0e67f26d9ea0e573bd04da3d32394e2d57dd719a6acbd9365802f368fd87fce91e3b2aa0ee53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
144KB

MD5
3c176a4c7244394ccb5c1b0c4010c2ee

SHA1
a22946af722255778b6ae58af98992c136f123d6

SHA256
e6b940f880fce2b8d3bb4e205b9c45a95acd49eba9b0d0692b725abf6c2885ae

SHA512
6775fd33e72bea9543441d0504412d76b0ab3e5dd9a35695ba92002a9e1553f11c8c4756b93b6e1f6475b8fcdf74d969c2c07c3ff8d02407fad6d27c8859cff7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit